The solution is directed to access control systems and verifying proximity of a user to an access point that the user is wirelessly requesting access to. The proximity verification is based on placing proximity hubs adjacent to the different access points. Each proximity hub advertises a different unique identifier that changes periodically over a short-range wireless network and can be detected with a mobile device if the mobile device is physically within a short distance from the proximity hub. The unique identifier changes based on a rolling code. A user is permitted access to a restricted access point in response to the mobile device sending over a different long-range wireless network, the unique identifier advertised from a proximity hub adjacent to a desired access point and user access credentials authenticating access privileges of the user to the desired access point.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method comprising: broadcasting a periodically changing rolling code from a device, that is associated with a secured resource, the rolling code corresponds to a changing name of one of more of a wireless network, a wireless device or the secured resource; receiving a request comprising a first value and a second value from a user mobile device in response to the user mobile device receiving the rolling code using a Bluetooth radio when the rolling code corresponds to a changing Bluetooth device name, or receiving the rolling code using a WiFi radio when the rolling code corresponds to a changing service set identifier (SSID); obtaining a set of rolling codes recently advertised from the device based on the first value from the request matching a static identifier uniquely identifying the device or the secured resource from a set of devices or a set of secured resources; and providing access to the secured resource based on (i) the first value from the request matching the static identifier uniquely identifying the device or the secured resource, and (ii) the second value from the request matching one of the set of rolling codes.
2. The method of claim 1 further comprising obtaining access credentials from a physical access card, proximity card, or smart card placed over the device, and providing access to the secured resource based on the access credentials from the physical access card, the proximity card, or the smart card being authorized to access the secured resource.
3. The method of claim 1 further comprising generating a magnetic field from the device, the magnetic field providing power to a physical access card, a proximity card, or a smart card placed in the magnetic field, and causing the physical access card, the proximity card, or the smart card to transmit data to the device.
4. The method of claim 1 , wherein the changing name comprises a changing Bluetooth device name or changing service set identifier (SSID).
5. The method of claim 1 further comprising restricting access to the secured resource based on (i) the first value from the request differing from the static identifier uniquely identifying the device or the secured resource, or (ii) the second value from the request not matching one of the set of rolling codes.
6. The method of claim 5 , said restricting comprises locking or retaining a locked state of the secured resource.
7. The method of claim 1 , wherein providing access comprises unlocking an electronically controlled lock or a mechanical lock of the secured resource.
8. The method of claim 1 , wherein said broadcasting comprises advertising a plurality of messages at different times, wherein each message comprises the static identifier and a different rolling code value, and wherein the static identifier may come before or after the different rolling code value in the message.
9. The method of claim 1 further comprising receiving access credentials from the user mobile device.
10. The method of claim 9 , wherein said providing comprises selecting a set of authorized users or devices for the secured resource from other sets of authorized users or devices for other secured resources based on the first value from the request, and authorizing access to the secured resource based on the access credentials being associated with an authorized user or device from the set of authorized users or devices.
11. The method of claim 1 further comprising tracking the set of rolling codes recently advertised from the device at an access control unit (ACU), that is remote from the device, based on the ACU and the device being configured with a particular seed value for generating the rolling code, and wherein said providing comprises matching, at the ACU, the first value from the request to the static identifier, and matching the second value from the request to one of the set of rolling codes.
12. The method of claim 11 , wherein said providing comprises issuing an open command from the ACU to the secured resource.
13. A method comprising: distributing at least two different messages from a particular device at different times to one or more user mobile devices in wireless range of the particular device, wherein each message of the at least two messages is formed from a common first value and a different second value; detecting, at a user mobile device of the one or more user mobile devices, a spoken phrase or a user touch as an indication to request access to a secured resource using a message previously distributed by the particular device; queuing commencement of an access request procedure by the user mobile device in response to detecting the spoken phrase or the user touch for a particular period of time after a first message of the at least two different messages is distributed and before a second message of the at least two different messages is distributed; and commencing performance of the access request procedure within the particular period of time when the user mobile device receives the second message of the at least two different messages from the particular device, wherein performing the access request procedure comprises providing, from the user mobile device to the particular device, a set of access request messages comprising access credentials, that are stored in memory of the user mobile device, and the first and second values from a most recent message of the at least two messages that is distributed by the particular device and that is received by the user mobile device.
14. The method of claim 13 further comprising receiving access to the secured resource based on (i) the first value, that is provided during the access request procedure, matching a static identifier uniquely identifying the particular device or the secured resource, and (ii) the second value, that is provided during the access request procedure, matching different second values wirelessly transmitted from the particular device.
15. The method of claim 13 further comprising scanning for the at least two messages over a first wireless network without establishing a connection to the particular device.
16. The method of claim 13 , wherein performing the access request procedure comprises (i) identifying a request to access the secured resource based on the first value provided by the user mobile device matching a static identifier uniquely identifying the particular device or the secured resource, (ii) verifying permission to access the secured resource based on the access credentials, and (iii) verifying proximity of the user mobile device to the particular device based on the second value provided by the user mobile device matching a recently distributed second value from the particular device.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
September 28, 2018
August 25, 2020
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.